package com.example.demo.security.service;

import com.example.demo.security.bean.SecurityResourceBean;
import com.example.demo.security.bean.SecurityRoleBean;
import com.example.demo.security.bean.SecurityRoleResourceBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.stereotype.Component;

import java.util.*;
import java.util.stream.Collectors;

@Component
public class MyInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource {


    @Autowired
    public void setSecurityResourceServer(SecurityResourceServer securityResourceServer) {
        this.securityResourceServer = securityResourceServer;
        loadResource();
    }

    /**
     *
     */
    //xxx 这里本来就是服务层 可以直接调用dao层,还是在这里调用Service层呢?
//    @Autowired
    private SecurityResourceServer securityResourceServer;



    private static Map<String,Collection<ConfigAttribute>> resourceMap = null;

//    public MyInvocationSecurityMetadataSourceService() {
//        loadResource();
//    }






    private void loadResource(){
        if (resourceMap == null) {
            resourceMap = new HashMap<>();
        }
        System.out.println("-----------加载资源列表");
//        if (securityResourceServer!=null) {
            List<SecurityResourceBean> resourceBeanList = securityResourceServer.getAll();


            resourceBeanList.stream().forEach(b -> {

                Set<SecurityRoleResourceBean> roleset = b.getRoleResourceBeanSet();

                Collection<ConfigAttribute> value = roleset.stream().map(r -> {
                    ConfigAttribute ca = new SecurityConfig(r.getRole().getRoleName());
                    return ca;
                }).collect(Collectors.toList());

                resourceMap.put(b.getResourceUrl(), value);
            });
//        }
    }

    @Override
    public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {
//        securityResourceServer.getAll();
//        ConfigAttribute configAttribute = new SecurityConfig();
//        return null;
        if (resourceMap==null) {
            loadResource();
        }
        FilterInvocation filterInvocation = (FilterInvocation) object;
        Iterator<String> ite = resourceMap.keySet().iterator();
        Collection<ConfigAttribute> collection = null;
        while (ite.hasNext()) {
            String resURL = ite.next();
            RequestMatcher requestMatcher = new AntPathRequestMatcher(resURL);
            if (requestMatcher.matches(filterInvocation.getHttpRequest())){
//                return resourceMap.get(resURL);
                //这里应该需要考虑到所有拥有该资源的角色,包括通配符 和 直接匹配

                if (collection==null){
                    collection = new ArrayList<>();
                }
                collection.addAll(resourceMap.get(resURL));
            }

        }
        return collection;
    }


    @Override
    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }


    @Override
    public boolean supports(Class<?> clazz) {
//        return false;
        return true;
    }
}
